From 18622a07054e853731e1af96253d1387451b51e2 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 17 Oct 2022 16:40:37 +0200 Subject: [PATCH] probe if sha before exec git (#21467) --- modules/git/repo_commit.go | 4 ++-- modules/git/sha1_test.go | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 modules/git/sha1_test.go diff --git a/modules/git/repo_commit.go b/modules/git/repo_commit.go index 78e037511e55..ec72593b80a4 100644 --- a/modules/git/repo_commit.go +++ b/modules/git/repo_commit.go @@ -154,8 +154,8 @@ func (repo *Repository) searchCommits(id SHA1, opts SearchCommitsOptions) ([]*Co // then let's iterate over them if len(opts.Keywords) > 0 { for _, v := range opts.Keywords { - // ignore anything below 4 characters as too unspecific - if len(v) >= 4 { + // ignore anything not matching a valid sha pattern + if IsValidSHAPattern(v) { // create new git log command with 1 commit limit hashCmd := NewCommand(repo.Ctx, "log", "-1", prettyLogFormat) // add previous arguments except for --grep and --all diff --git a/modules/git/sha1_test.go b/modules/git/sha1_test.go new file mode 100644 index 000000000000..c5c00f5445ee --- /dev/null +++ b/modules/git/sha1_test.go @@ -0,0 +1,21 @@ +// Copyright 2022 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package git + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestIsValidSHAPattern(t *testing.T) { + assert.True(t, IsValidSHAPattern("fee1")) + assert.True(t, IsValidSHAPattern("abc000")) + assert.True(t, IsValidSHAPattern("9023902390239023902390239023902390239023")) + assert.False(t, IsValidSHAPattern("90239023902390239023902390239023902390239023")) + assert.False(t, IsValidSHAPattern("abc")) + assert.False(t, IsValidSHAPattern("123g")) + assert.False(t, IsValidSHAPattern("some random text")) +}